package top.ewind.controller;

import com.jfinal.core.Controller;
import com.jfinal.kit.StrKit;
import com.jfinal.plugin.activerecord.Db;
import com.jfinal.plugin.activerecord.Record;

import top.ewind.util.SecurityUtil;

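/**
 * Serves the administrator login page and checks submitted credentials.
 *
 * <p>Security review notes, all based on what this class shows:
 * <ul>
 *   <li>The password is compared as {@code SecurityUtil.md5(pwd)}, presumably a plain
 *       unsalted MD5 digest (confirm in SecurityUtil). A fast unsalted digest is not a
 *       suitable password hash. Moving to bcrypt/scrypt/argon2 needs a migration of the
 *       stored values, so it is flagged here rather than changed.</li>
 *   <li>No attempt throttling, lockout or CAPTCHA check is visible in this controller.
 *       Confirm that an interceptor or upstream component limits repeated guesses.</li>
 *   <li>The session identifier is not rotated after a successful login.</li>
 * </ul>
 */
public class LoginCtrl extends Controller {

	/** Renders the login form. */
	public void index(){
		render("index.html");
	}

	/**
	 * Authenticates an administrator from the "username" and "password" request parameters.
	 *
	 * <p>Always answers with a JSON object holding a single "msg" field: "success" on a
	 * successful login, otherwise a user-facing error text. On success the session receives
	 * "sysuser" (the account row), "nid" (the account id) and "usermodels" (the role's
	 * "models" string, or "" when no role row is found).
	 *
	 * <p>Unknown user, wrong password and an account whose "stat" is not 1 all return the
	 * same message, so the response does not reveal which accounts exist.
	 */
	public void adminlogin(){
		String rawUsername = getPara("username");
		String pwd = getPara("password");
		if(StrKit.isBlank(rawUsername)||StrKit.isBlank(pwd)){
			renderJson("msg","用户和密码不能为空！");
			return;
		}

		// The bound parameters below are the real SQL-injection defence. sqlFilter is kept
		// for backward compatibility with stored data.
		// NOTE(review): if it rewrites characters, legitimate usernames/e-mails may never match. Confirm.
		String username = SecurityUtil.sqlFilter(rawUsername);
		// NOTE(review): presumably unsalted MD5. See the class comment.
		String epass = SecurityUtil.md5(pwd);

		Record sysuser = Db.findFirst(
				"select t.* from sys_admin t where (t.username = ? or t.email = ?) and t.password = ?",
				username, username, epass);

		// A NULL "stat" column used to throw a NullPointerException on unboxing and turn a
		// login attempt into a server error. Treat it like any other non-active account.
		Integer stat = sysuser == null ? null : sysuser.getInt("stat");
		if(stat == null || stat.intValue() != 1){
			renderJson("msg","用户名或密码不正确！");
			return;
		}

		// NOTE(review): rotate the session id here to prevent session fixation, e.g.
		// getRequest().changeSessionId() on Servlet 3.1+. Confirm the container version.
		// NOTE(review): the query selects t.*, so this Record carries the password hash into
		// the session. Consider dropping that column before storing if no reader needs it.
		setSessionAttr("sysuser",sysuser);
		setSessionAttr("nid",sysuser.getInt("id"));

		// An account without a role id has no role to look up. It gets an empty module list.
		Integer rid = sysuser.getInt("rid");
		Record role = rid == null ? null : Db.findById("sys_role",rid);
		setSessionAttr("usermodels", role != null ? role.getStr("models") : "");

		renderJson("msg","success");
	}
}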





